Re: rewriting and filtering addresses

Tue, 19 May 2026 08:29:30 -0700 

Hello. Here the current conf with the match line from Thomas :

eth = "re0"

table crosoft  { outlook.*, live.*, hotmail.*, baldurs-archery.dk }
table domains { dina.22decembre.eu, 22decembre.eu, 22december.dk }
table localnet { 10.0.0.0/8, ::1, 127.0.0.1, fe80::/64, fd00:22:dec::/48, 129.151.219.255, 2603:c026:306:9211::300 } 
table aliases file:/etc/mail/aliases

smtp sub-addr-delim '_'

pki blackblock dhe auto
pki blackblock key      "/etc/ssl/acme/private/blackblock.22decembre.eu.pem"
pki blackblock cert     "/etc/ssl/acme/blackblock.22decembre.eu-fullchain.pem"
filter greylist proc-exec "filter-spfgreylist -wl-ip /etc/mail/whitelist -wl-domain /etc/mail/whitelist-domains" 

filter rspamd   proc-exec "filter-rspamd"
filter senderscore \
  proc-exec "filter-senderscore -blockBelow 10 -junkBelow 70 -slowFactor 5000" 

filter "dkim" \
       proc-exec "filter-dkimsign -d 22decembre.eu -d 22december.dk -s selector1 -k /etc/mail/dkim_out_priv.key" \ 
       user _dkimsign group _dkimsign

listen on lo0

listen on fd00:22:dec:e2::2 port 10027  filter rspamd

# ouvert pour mirror
listen on $eth                                          port 10025
listen on $eth          tls-require     pki blackblock  port submission auth    filter dkim
listen on $eth          tls             pki blackblock filter { greylist,senderscore,rspamd } 

## si on doit suspendre le greylisting temporairement
## cette ligne est normalement commentee
#listen on $eth         tls             pki blackblock

action "relay"          relay           pki blackblock
action "backup"         relay backup    pki blackblock
action "dina"           relay           host smtp://dina.22decembre.eu  pki blackblock tls src fd00:22:dec:e2::2 

action "local"          lmtp "/var/dovecot/lmtp" alias <aliases>

match   from any !auth          for any mail-from <domains>     reject
match   from any                for domain <domains>            action "local" match   from src <localnet>     for domain "*.22decembre.eu"    action "local" match                           for local                       action "local"
match   from any auth           for any                         action "relay" match   from src <localnet>     for any                         action "relay" 

Thomas' match line looks like to be working.
Is there a way I make all my mails to a *.dk domain so that mail-from and from adress looks to be coming from 22december.dk ? 

something like:
match from local    for domain *.dk    action     rewrite %{sender.domain} 22december.dk 



On 15/05/2026 21:11, Thomas Bohl wrote:

Hello,

it's always easier to help if you post your config.
- I want to block mail pretending to originate from my own domain (without breaking my own conf' ofc) 

Example:
match !auth from any for any mail-from <mydomains> reject

<mydomains>:
@example.dk
@example.eu
Since someone pretending to be you will not be authenticated, its mails will be rejected.

Reply via email to